Bug 786013

Summary:	VUL-1: CVE-2012-4530: kernel: stack disclosure in binfmt_script load_script()
Product:	[Novell Products] SUSE Security Incidents	Reporter:	Shawn Chang <shchang>
Component:	Incidents	Assignee:	Michal Hocko <mhocko>
Status:	RESOLVED FIXED	QA Contact:	Security Team bot <security-team>
Severity:	Normal
Priority:	P3 - Medium	CC:	meissner, mhocko, security-team
Version:	unspecified
Target Milestone:	---
Hardware:	x86-64
OS:	SLES 11
Whiteboard:	maint:released:sle11-sp2:50894 maint:released:sle11-sp2:50893 maint:released:sle11-sp2:50891 maint:released:sle11-sp2:50899 maint:released:sle11-sp1:51381 maint:released:sle10-sp3:51656 maint:released:sles9-sp3-teradata:51777 maint:released:sle10-sp4:51851 maint:released:sle10-sp4:51852 maint:released:sle10-sp3:55195 maint:released:sle10-sp3:55194 maint:released:sle11-sp1:56047 maint:released:sle11-sp1:56048 maint:released:sle11-sp1:56053 maint:released:sle11-sp1:56049 maint:released:sle11-sp1:56052
Found By:	---	Services Priority:
Business Priority:		Blocker:	---
Marketing QA Status:	---	IT Deployment:	---

Description Shawn Chang 2012-10-20 05:52:38 UTC

This possible attack was already disclosured by oss-security.

--------------------------------------------------------------------------
A memory disclosure flaw has been found in the way binfmt_script load_script() function handled excessive recursions. An unprivileged local user could use this flaw to leak kernel memory.

Proposed upstream fix:
 - https://lkml.org/lkml/2012/9/23/29

References:
 - https://lkml.org/lkml/2012/8/18/75
 - http://www.halfdog.net/Security/2012/LinuxKernelBinfmtScriptStackDataDisclosure/
--------------------------------------------------------------------------

Testing environment: SLES 11 SP2
POC code: http://www.halfdog.net/Security/2012/LinuxKernelBinfmtScriptStackDataDisclosure/DoTest.sh

--------------------------------------------------------------------------
shawn@linux-20sd:~> uname -a
Linux linux-20sd 3.0.42-0.7-default #1 SMP Tue Oct 9 11:58:45 UTC 2012 (a8dc443) x86_64 x86_64 x86_64 GNU/Linux 

shawn@linux-20sd:~> sh DoTest.sh 
0000000: 4172 6773 0a2f 6269 6e2f 6261 7368 000d  Args./bin/bash..
0000010: 6669 6c65 2d41 4141 4141 4141 4141 4141  file-AAAAAAAAAAA
0000020: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000030: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000040: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000050: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000060: 4141 4141 412d 3630 0078 7878 0000 7878  AAAAA-60.xxx..xx
0000070: 7800 0d66 696c 652d 4141 4141 4141 4141  x..file-AAAAAAAA
0000080: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000090: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
00000a0: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
00000b0: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
00000c0: 4141 4141 4141 4141 2d35 3900 7878 7800  AAAAAAAA-59.xxx.
00000d0: 0d66 696c 652d 4141 4141 4141 4141 4141  .file-AAAAAAAAAA
00000e0: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
00000f0: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000100: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000110: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000120: 4141 4141 4141 2d35 3700 7878 7800 0d66  AAAAAA-57.xxx..f
0000130: 696c 652d 4141 4141 4141 4141 4141 4141  ile-AAAAAAAAAAAA
0000140: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000150: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000160: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000170: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000180: 4141 4141 2d35 3600 7878 7800 0078 7878  AAAA-56.xxx..xxx
0000190: 000d 6669 6c65 2d41 4141 4141 4141 4141  ..file-AAAAAAAAA
00001a0: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
00001b0: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
00001c0: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
00001d0: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
00001e0: 4141 4141 4141 412d 3535 0078 7878 000d  AAAAAAA-55.xxx..
00001f0: 6669 6c65 2d41 4141 4141 4141 4141 4141  file-AAAAAAAAAAA
0000200: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000210: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000220: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000230: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000240: 4141 4141 412d 3533 0078 7878 0000 7878  AAAAA-53.xxx..xx
0000250: 7800 0d66 696c 652d 4141 4141 4141 4141  x..file-AAAAAAAA
0000260: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000270: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000280: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000290: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
00002a0: 4141 4141 4141 4141 2d35 3200 7878 7800  AAAAAAAA-52.xxx.
00002b0: 0d66 696c 652d 4141 4141 4141 4141 4141  .file-AAAAAAAAAA
00002c0: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
00002d0: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
00002e0: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
00002f0: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000300: 4141 4141 4141 2d35 3000 7878 7800 0d66  AAAAAA-50.xxx..f
0000310: 696c 652d 4141 4141 4141 4141 4141 4141  ile-AAAAAAAAAAAA
0000320: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000330: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000340: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000350: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000360: 4141 4141 2d34 3900 7878 7800 0d66 696c  AAAA-49.xxx..fil
0000370: 652d 4141 4141 4141 4141 4141 4141 4141  e-AAAAAAAAAAAAAA
0000380: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000390: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
00003a0: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
00003b0: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
00003c0: 4141 2d34 3800 7878 7800 f83a 723b 0078  AA-48.xxx..:r;.x
00003d0: 7878 000d 6669 6c65 2d41 4141 4141 4141  xx..file-AAAAAAA
00003e0: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
00003f0: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000400: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000410: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000420: 4141 4141 4141 4141 412d 3437 0078 7878  AAAAAAAAA-47.xxx
0000430: 000d 6669 6c65 2d41 4141 4141 4141 4141  ..file-AAAAAAAAA
0000440: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000450: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000460: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000470: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000480: 4141 4141 4141 412d 3435 0078 7878 0000  AAAAAAA-45.xxx..
0000490: 7878 7800 0d66 696c 652d 4141 4141 4141  xxx..file-AAAAAA
00004a0: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
00004b0: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
00004c0: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
00004d0: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
00004e0: 4141 4141 4141 4141 4141 2d34 3400 7878  AAAAAAAAAA-44.xx
00004f0: 7800 0d66 696c 652d 4141 4141 4141 4141  x..file-AAAAAAAA
0000500: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000510: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000520: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000530: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000540: 4141 4141 4141 4141 2d34 3200 7878 7800  AAAAAAAA-42.xxx.
0000550: 0d66 696c 652d 4141 4141 4141 4141 4141  .file-AAAAAAAAAA
0000560: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000570: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000580: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000590: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
00005a0: 4141 4141 4141 2d34 3100 7878 7800 0078  AAAAAA-41.xxx..x
00005b0: 7878 000d 6669 6c65 2d41 4141 4141 4141  xx..file-AAAAAAA
00005c0: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
00005d0: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
00005e0: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
00005f0: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000600: 4141 4141 4141 4141 412d 3430 0078 7878  AAAAAAAAA-40.xxx
0000610: 000d 6669 6c65 2d41 4141 4141 4141 4141  ..file-AAAAAAAAA
0000620: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000630: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000640: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000650: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000660: 4141 4141 4141 412d 3338 0078 7878 0000  AAAAAAA-38.xxx..
0000670: 7878 7800 0d66 696c 652d 4141 4141 4141  xxx..file-AAAAAA
0000680: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000690: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
00006a0: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
00006b0: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
00006c0: 4141 4141 4141 4141 4141 2d33 3700 7878  AAAAAAAAAA-37.xx
00006d0: 7800 0d66 696c 652d 4141 4141 4141 4141  x..file-AAAAAAAA
00006e0: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
00006f0: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000700: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000710: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000720: 4141 4141 4141 4141 2d33 3500 7878 7800  AAAAAAAA-35.xxx.
0000730: 0d66 696c 652d 4141 4141 4141 4141 4141  .file-AAAAAAAAAA
0000740: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000750: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000760: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000770: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000780: 4141 4141 4141 2d33 3400 7878 7800 0d66  AAAAAA-34.xxx..f
0000790: 696c 652d 4141 4141 4141 4141 4141 4141  ile-AAAAAAAAAAAA
00007a0: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
00007b0: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
00007c0: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
00007d0: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
00007e0: 4141 4141 2d33 3300 7878 7800 0d66 696c  AAAA-33.xxx..fil
00007f0: 652d 4141 4141 4141 4141 4141 4141 4141  e-AAAAAAAAAAAAAA
0000800: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000810: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000820: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000830: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000840: 4141 2d33 3200 7878 7800 0d66 696c 652d  AA-32.xxx..file-
0000850: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000860: 4141 8202 0078 7878 000d 6669 6c65 2d41  AA...xxx..file-A
0000870: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000880: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000890: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
00008a0: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
00008b0: 4141 4141 4141 4141 4141 4141 4141 412d  AAAAAAAAAAAAAAA-
00008c0: 3331 0078 7878 000d 6669 6c65 2d41 4141  31.xxx..file-AAA
00008d0: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
00008e0: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
00008f0: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000900: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000910: 4141 4141 4141 4141 4141 4141 412d 3239  AAAAAAAAAAAAA-29
0000920: 0078 7878 0000 7878 7800 0d66 696c 652d  .xxx..xxx..file-
0000930: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000940: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000950: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000960: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000970: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000980: 2d32 3800 7878 7800 0d66 696c 652d 4141  -28.xxx..file-AA
0000990: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
00009a0: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
00009b0: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
00009c0: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
00009d0: 4141 4141 4141 4141 4141 4141 4141 2d32  AAAAAAAAAAAAAA-2
00009e0: 3600 7878 7800 0d66 696c 652d 4141 4141  6.xxx..file-AAAA
00009f0: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000a00: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000a10: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000a20: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000a30: 4141 4141 4141 4141 4141 4141 2d32 3500  AAAAAAAAAAAA-25.
0000a40: 7878 7800 0100 7878 7800 0d66 696c 652d  xxx...xxx..file-
0000a50: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000a60: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000a70: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000a80: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000a90: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000aa0: 2d32 3400 7878 7800 0d66 696c 652d 4141  -24.xxx..file-AA
0000ab0: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000ac0: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000ad0: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000ae0: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000af0: 4141 4141 4141 4141 4141 4141 4141 2d32  AAAAAAAAAAAAAA-2
0000b00: 3200 7878 7800 0078 7878 000d 6669 6c65  2.xxx..xxx..file
0000b10: 2d41 4141 4141 4141 4141 4141 4141 4141  -AAAAAAAAAAAAAAA
0000b20: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000b30: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000b40: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000b50: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000b60: 412d 3231 0078 7878 000d 6669 6c65 2d41  A-21.xxx..file-A
0000b70: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000b80: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000b90: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000ba0: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000bb0: 4141 4141 4141 4141 4141 4141 4141 412d  AAAAAAAAAAAAAAA-
0000bc0: 3139 0078 7878 000d 6669 6c65 2d41 4141  19.xxx..file-AAA
0000bd0: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000be0: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000bf0: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000c00: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000c10: 4141 4141 4141 4141 4141 4141 412d 3138  AAAAAAAAAAAAA-18
0000c20: 0078 7878 000d 6669 6c65 2d41 4141 4141  .xxx..file-AAAAA
0000c30: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000c40: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000c50: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000c60: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000c70: 4141 4141 4141 4141 4141 412d 3137 0078  AAAAAAAAAAA-17.x
0000c80: 7878 00f8 3a72 3b00 7878 7800 0d66 696c  xx..:r;.xxx..fil
0000c90: 652d 4141 4141 4141 4141 4141 4141 4141  e-AAAAAAAAAAAAAA
0000ca0: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000cb0: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000cc0: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000cd0: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000ce0: 4141 2d31 3600 7878 7800 0d66 696c 652d  AA-16.xxx..file-
0000cf0: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000d00: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000d10: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000d20: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000d30: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000d40: 2d31 3400 7878 7800 0078 7878 000d 6669  -14.xxx..xxx..fi
0000d50: 6c65 2d41 4141 4141 4141 4141 4141 4141  le-AAAAAAAAAAAAA
0000d60: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000d70: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000d80: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000d90: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000da0: 4141 412d 3133 0078 7878 000d 6669 6c65  AAA-13.xxx..file
0000db0: 2d41 4141 4141 4141 4141 4141 4141 4141  -AAAAAAAAAAAAAAA
0000dc0: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000dd0: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000de0: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000df0: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000e00: 412d 3131 0078 7878 000d 6669 6c65 2d41  A-11.xxx..file-A
0000e10: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000e20: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000e30: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000e40: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000e50: 4141 4141 4141 4141 4141 4141 4141 412d  AAAAAAAAAAAAAAA-
0000e60: 3130 0078 7878 0001 0078 7878 000d 6669  10.xxx...xxx..fi
0000e70: 6c65 2d41 4141 4141 4141 4141 4141 4141  le-AAAAAAAAAAAAA
0000e80: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000e90: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000ea0: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000eb0: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000ec0: 4141 412d 3900 7878 7800 0d66 696c 652d  AAA-9.xxx..file-
0000ed0: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000ee0: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000ef0: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000f00: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000f10: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000f20: 2d37 0078 7878 0000 7878 7800 0d66 696c  -7.xxx..xxx..fil
0000f30: 652d 4141 4141 4141 4141 4141 4141 4141  e-AAAAAAAAAAAAAA
0000f40: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000f50: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000f60: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000f70: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000f80: 4141 2d36 0078 7878 000d 6669 6c65 2d41  AA-6.xxx..file-A
0000f90: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000fa0: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000fb0: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000fc0: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0000fd0: 4141 4141 4141 4141 4141 4141 4141 412d  AAAAAAAAAAAAAAA-
0000fe0: 3400 7878 7800 0d66 696c 652d 4141 4141  4.xxx..file-AAAA
0000ff0: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
0001000: 4141 4141 41                             AAAAA
--------------------------------------------------------------------------

Comment 1 Marcus Meissner 2012-10-21 07:08:22 UTC

no fix upstream yet.

Comment 2 Shawn Chang 2012-10-21 13:34:11 UTC

yeah, I'll test it again after upstream fix.

Comment 3 Swamp Workflow Management 2012-10-21 22:00:11 UTC

bugbot adjusting priority

Comment 4 Marcus Meissner 2013-01-22 15:28:09 UTC

upstream fix:

commit b66c5984017533316fd1951770302649baf1aa33
Author: Kees Cook <keescook@chromium.org>
Date:   Thu Dec 20 15:05:16 2012 -0800

    exec: do not leave bprm->interp on stack
    
    If a series of scripts are executed, each triggering module loading via
    unprintable bytes in the script header, kernel stack contents can leak
    into the command line.
    
    Normally execution of binfmt_script and binfmt_misc happens recursively.
    However, when modules are enabled, and unprintable bytes exist in the
    bprm->buf, execution will restart after attempting to load matching
    binfmt modules.  Unfortunately, the logic in binfmt_script and
    binfmt_misc does not expect to get restarted.  They leave bprm->interp
    pointing to their local stack.  This means on restart bprm->interp is
    left pointing into unused stack memory which can then be copied into the
    userspace argv areas.
    
    After additional study, it seems that both recursion and restart remains
    the desirable way to handle exec with scripts, misc, and modules.  As
    such, we need to protect the changes to interp.
    
    This changes the logic to require allocation for any changes to the
    bprm->interp.  To avoid adding a new kmalloc to every exec, the default
    value is left as-is.  Only when passing through binfmt_script or
    binfmt_misc does an allocation take place.
    
    For a proof of concept, see DoTest.sh from:
    
       http://www.halfdog.net/Security/2012/LinuxKernelBinfmtScriptStackDataDisclosure/
    
    Signed-off-by: Kees Cook <keescook@chromium.org>

Comment 5 Marcus Meissner 2013-01-22 15:30:39 UTC

patches.kernel.org/patch-3.0.57-58 contains the fix for SLES 11 SP2.

patches.kernel.org/patch-3.4.24-25 contains the fix for openSUSE 12.2.


(openSUSE 12.1 would be missing still.)

Comment 6 Michal Hocko 2013-01-25 15:21:34 UTC

pushed to openSUSE 12.1 and SLE11-SP1-TD branches.

I guess this is not a 11SP1-LTSS candidate.

Comment 7 Michal Hocko 2013-02-04 09:24:10 UTC

Please reopen if 11-sp1-ltss should get this as well.
All other products should be done

Comment 8 Marcus Meissner 2013-02-07 16:47:07 UTC

We have just released a kernel update that mentions/fixes this bug. The release version is 3.0.58-0.6.2.1.

Comment 9 Swamp Workflow Management 2013-02-07 18:56:06 UTC

Update released for: cluster-network-kmp-default, cluster-network-kmp-trace, gfs2-kmp-default, gfs2-kmp-trace, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-default-hmac, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-trace-hmac, ocfs2-kmp-default, ocfs2-kmp-trace
Products:
SLE-DEBUGINFO 11-SP2 (ia64)
SLE-HAE 11-SP2 (ia64)
SLE-SERVER 11-SP2 (ia64)

Comment 10 Swamp Workflow Management 2013-02-07 19:07:30 UTC

Update released for: cluster-network-kmp-default, cluster-network-kmp-trace, gfs2-kmp-default, gfs2-kmp-trace, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-default-hmac, kernel-default-man, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-trace-hmac, kernel-trace-man, ocfs2-kmp-default, ocfs2-kmp-trace
Products:
SLE-DEBUGINFO 11-SP2 (s390x)
SLE-HAE 11-SP2 (s390x)
SLE-SERVER 11-SP2 (s390x)

Comment 11 Swamp Workflow Management 2013-02-07 19:29:19 UTC

Update released for: cluster-network-kmp-default, cluster-network-kmp-trace, cluster-network-kmp-xen, gfs2-kmp-default, gfs2-kmp-trace, gfs2-kmp-xen, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-default-hmac, kernel-desktop-devel, kernel-ec2, kernel-ec2-base, kernel-ec2-debuginfo, kernel-ec2-debugsource, kernel-ec2-devel, kernel-ec2-devel-debuginfo, kernel-ec2-extra, kernel-ec2-hmac, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-trace-hmac, kernel-xen, kernel-xen-base, kernel-xen-debuginfo, kernel-xen-debugsource, kernel-xen-devel, kernel-xen-devel-debuginfo, kernel-xen-extra, kernel-xen-hmac, ocfs2-kmp-default, ocfs2-kmp-trace, ocfs2-kmp-xen, xen-kmp-default, xen-kmp-pae, xen-kmp-trace
Products:
SLE-DEBUGINFO 11-SP2 (x86_64)
SLE-DESKTOP 11-SP2 (x86_64)
SLE-HAE 11-SP2 (x86_64)
SLE-SERVER 11-SP2 (x86_64)
SLES4VMWARE 11-SP2 (x86_64)

Comment 12 Swamp Workflow Management 2013-02-07 19:39:04 UTC

Update released for: cluster-network-kmp-default, cluster-network-kmp-ppc64, cluster-network-kmp-trace, gfs2-kmp-default, gfs2-kmp-ppc64, gfs2-kmp-trace, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-extra, kernel-default-hmac, kernel-ppc64, kernel-ppc64-base, kernel-ppc64-debuginfo, kernel-ppc64-debugsource, kernel-ppc64-devel, kernel-ppc64-extra, kernel-ppc64-hmac, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-extra, kernel-trace-hmac, ocfs2-kmp-default, ocfs2-kmp-ppc64, ocfs2-kmp-trace
Products:
SLE-DEBUGINFO 11-SP2 (ppc64)
SLE-HAE 11-SP2 (ppc64)
SLE-SERVER 11-SP2 (ppc64)

Comment 13 Swamp Workflow Management 2013-02-07 20:04:08 UTC

Update released for: cluster-network-kmp-default, cluster-network-kmp-pae, cluster-network-kmp-trace, cluster-network-kmp-xen, gfs2-kmp-default, gfs2-kmp-pae, gfs2-kmp-trace, gfs2-kmp-xen, kernel-default, kernel-default-base, kernel-default-devel, kernel-default-extra, kernel-default-hmac, kernel-desktop-devel, kernel-ec2, kernel-ec2-base, kernel-ec2-devel, kernel-ec2-extra, kernel-ec2-hmac, kernel-pae, kernel-pae-base, kernel-pae-devel, kernel-pae-extra, kernel-pae-hmac, kernel-source, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-devel, kernel-trace-extra, kernel-trace-hmac, kernel-xen, kernel-xen-base, kernel-xen-devel, kernel-xen-extra, kernel-xen-hmac, ocfs2-kmp-default, ocfs2-kmp-pae, ocfs2-kmp-trace, ocfs2-kmp-xen
Products:
SLE-DEBUGINFO 11-SP2 (i386)
SLE-DESKTOP 11-SP2 (i386)
SLE-HAE 11-SP2 (i386)
SLE-SERVER 11-SP2 (i386)
SLES4VMWARE 11-SP2 (i386)

Comment 14 Swamp Workflow Management 2013-02-07 23:08:09 UTC

Update released for: ext4-writeable-kmp-default, ext4-writeable-kmp-ppc64, ext4-writeable-kmp-trace, kernel-default-extra, kernel-ppc64-extra
Products:
SLE-SERVER 11-EXTRA (ppc64)

Comment 15 Swamp Workflow Management 2013-02-07 23:10:06 UTC

Update released for: ext4-writeable-kmp-default, ext4-writeable-kmp-trace, ext4-writeable-kmp-xen, kernel-default-extra, kernel-xen-extra
Products:
SLE-SERVER 11-EXTRA (x86_64)

Comment 16 Swamp Workflow Management 2013-02-07 23:10:26 UTC

Update released for: ext4-writeable-kmp-default, ext4-writeable-kmp-pae, ext4-writeable-kmp-trace, ext4-writeable-kmp-xen, kernel-default-extra, kernel-pae-extra, kernel-xen-extra
Products:
SLE-SERVER 11-EXTRA (i386)

Comment 17 Swamp Workflow Management 2013-02-07 23:11:24 UTC

Update released for: ext4-writeable-kmp-default, ext4-writeable-kmp-trace, kernel-default-extra
Products:
SLE-SERVER 11-EXTRA (ia64)

Comment 18 Swamp Workflow Management 2013-02-07 23:15:16 UTC

Update released for: ext4-writeable-kmp-default, ext4-writeable-kmp-trace, kernel-default-extra
Products:
SLE-SERVER 11-EXTRA (s390x)

Comment 19 Marcus Meissner 2013-02-22 10:07:31 UTC

Michal, does this affect SLES 10 too? 

I quickly look at it, but I cant seem to find why or why not?

Comment 20 Michal Hocko 2013-02-22 12:41:55 UTC

Yes it is I am afraid. And sorry that I have missed sles10 again. And sles9 as too :/ because bprm->interp points to its stack and it does the recursion as well.

Comment 21 Michal Hocko 2013-02-22 17:11:06 UTC

Hmm, I am not able to reproduce the issue with sles10 but the code seems to be vulnerable. So I have pushed the backport to the git.

pushed to SLES10_SP4_BRANCH, SLES10-SP3-TD and SLES9-SP3-TD

Comment 22 Swamp Workflow Management 2013-02-25 12:10:14 UTC

The SWAMPID for this issue is 51373.
This issue was rated as important.
Please submit fixed packages until 2013-03-04.
Also create a patchinfo file using this link:
https://swamp.suse.de/webswamp/wf/51373

Comment 24 Swamp Workflow Management 2013-03-01 10:06:36 UTC

Update released for: kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-xen, kernel-xen-base, kernel-xen-debuginfo, kernel-xen-debugsource, kernel-xen-devel, kernel-xen-devel-debuginfo, kernel-xen-extra, xen-kmp-default, xen-kmp-trace
Products:
SLE-SERVER 11-SP1-TERADATA (x86_64)

Comment 25 Swamp Workflow Management 2013-03-05 17:09:27 UTC

openSUSE-SU-2013:0396-1: An update that solves 10 vulnerabilities and has 25 fixes is now available.

Category: security (important)
Bug References: 714906,720226,733148,755546,762693,765524,768506,769784,769896,770695,773406,773831,774285,774523,774859,776144,778630,779432,781134,783515,784192,786013,787168,792500,793671,797175,799209,800280,801178,801782,802153,802642,804154,804652,804738
CVE References: CVE-2012-0957,CVE-2012-2745,CVE-2012-3412,CVE-2012-4530,CVE-2013-0160,CVE-2013-0216,CVE-2013-0231,CVE-2013-0268,CVE-2013-0309,CVE-2013-0871
Sources used:
openSUSE 12.1 (src):    kernel-docs-3.1.10-1.19.2, kernel-source-3.1.10-1.19.1, kernel-syms-3.1.10-1.19.1

Comment 27 Swamp Workflow Management 2013-03-18 12:05:02 UTC

Update released for: kernel-debug, kernel-debug-debuginfo, kernel-default, kernel-default-debuginfo, kernel-kdump, kernel-kdump-debuginfo, kernel-smp, kernel-smp-debuginfo, kernel-source, kernel-source-debuginfo, kernel-syms, kernel-xen, kernel-xen-debuginfo
Products:
SLE-SERVER 10-SP3-TERADATA (x86_64)

Comment 28 Swamp Workflow Management 2013-03-20 15:50:43 UTC

The SWAMPID for this issue is 51776.
This issue was rated as important.
Please submit fixed packages until 2013-03-27.
When done, please reassign the bug to security-team@suse.de.
Patchinfo will be handled by security team.

Comment 29 Swamp Workflow Management 2013-03-25 13:04:43 UTC

Update released for: kernel-default, kernel-default-debug, kernel-smp, kernel-smp-debug, kernel-source, kernel-syms, um-host-kernel, kernel-update.ycp, install-kernel-non-interactive.sh
Products:
SUSE-CORE 9-SP3-TERADATA (x86_64)

Comment 31 Michal Hocko 2013-04-08 07:33:55 UTC

I guess we can close this finally

Comment 32 Swamp Workflow Management 2013-04-12 18:25:50 UTC

Update released for: kernel-bigsmp, kernel-bigsmp-debuginfo, kernel-debug, kernel-debug-debuginfo, kernel-default, kernel-default-debuginfo, kernel-kdump, kernel-kdump-debuginfo, kernel-kdumppae, kernel-kdumppae-debuginfo, kernel-smp, kernel-smp-debuginfo, kernel-source, kernel-source-debuginfo, kernel-syms, kernel-syms-debuginfo, kernel-vmi, kernel-vmi-debuginfo, kernel-vmipae, kernel-vmipae-debuginfo, kernel-xen, kernel-xen-debuginfo, kernel-xenpae, kernel-xenpae-debuginfo
Products:
SLE-DEBUGINFO 10-SP4 (i386)
SLE-DESKTOP 10-SP4 (i386)
SLE-SDK 10-SP4 (i386)
SLE-SERVER 10-SP4 (i386)

Comment 33 Swamp Workflow Management 2013-04-12 18:39:36 UTC

Update released for: kernel-debug, kernel-debug-debuginfo, kernel-default, kernel-default-debuginfo, kernel-source, kernel-source-debuginfo, kernel-syms
Products:
SLE-DEBUGINFO 10-SP4 (ia64)
SLE-SDK 10-SP4 (ia64)
SLE-SERVER 10-SP4 (ia64)

Comment 34 Swamp Workflow Management 2013-04-12 19:00:06 UTC

Update released for: kernel-debug, kernel-debug-debuginfo, kernel-default, kernel-default-debuginfo, kernel-kdump, kernel-kdump-debuginfo, kernel-smp, kernel-smp-debuginfo, kernel-source, kernel-source-debuginfo, kernel-syms, kernel-xen, kernel-xen-debuginfo
Products:
SLE-DEBUGINFO 10-SP4 (x86_64)
SLE-DESKTOP 10-SP4 (x86_64)
SLE-SDK 10-SP4 (x86_64)
SLE-SERVER 10-SP4 (x86_64)

Comment 35 Swamp Workflow Management 2013-04-12 19:08:27 UTC

Update released for: kernel-default, kernel-default-debuginfo, kernel-source, kernel-syms
Products:
SLE-DEBUGINFO 10-SP4 (s390x)
SLE-SERVER 10-SP4 (s390x)

Comment 36 Swamp Workflow Management 2013-04-12 19:18:35 UTC

Update released for: kernel-default, kernel-default-debuginfo, kernel-iseries64, kernel-iseries64-debuginfo, kernel-kdump, kernel-kdump-debuginfo, kernel-ppc64, kernel-ppc64-debuginfo, kernel-source, kernel-source-debuginfo, kernel-syms
Products:
SLE-DEBUGINFO 10-SP4 (ppc)
SLE-SDK 10-SP4 (ppc)
SLE-SERVER 10-SP4 (ppc)

Comment 38 Swamp Workflow Management 2013-11-06 14:34:43 UTC

The SWAMPID for this issue is 54954.
This issue was rated as moderate.
Please submit fixed packages until 2013-11-20.
When done, please reassign the bug to security-team@suse.de.
Patchinfo will be handled by security team.

Comment 39 Swamp Workflow Management 2013-12-06 23:51:32 UTC

Update released for: kernel-default, kernel-default-debuginfo, kernel-source, kernel-syms
Products:
SLE-DEBUGINFO 10-SP3 (s390x)
SLE-SERVER 10-SP3-LTSS (s390x)

Comment 40 Swamp Workflow Management 2013-12-07 01:46:04 UTC

Update released for: kernel-bigsmp, kernel-bigsmp-debuginfo, kernel-debug, kernel-debug-debuginfo, kernel-default, kernel-default-debuginfo, kernel-kdump, kernel-kdump-debuginfo, kernel-kdumppae, kernel-kdumppae-debuginfo, kernel-smp, kernel-smp-debuginfo, kernel-source, kernel-source-debuginfo, kernel-syms, kernel-syms-debuginfo, kernel-vmi, kernel-vmi-debuginfo, kernel-vmipae, kernel-vmipae-debuginfo, kernel-xen, kernel-xen-debuginfo, kernel-xenpae, kernel-xenpae-debuginfo
Products:
SLE-DEBUGINFO 10-SP3 (i386)
SLE-SERVER 10-SP3-LTSS (i386)

Comment 41 Swamp Workflow Management 2014-02-24 08:56:47 UTC

Update released for: btrfs-kmp-default, btrfs-kmp-pae, btrfs-kmp-trace, btrfs-kmp-xen, cluster-network-kmp-default, cluster-network-kmp-pae, cluster-network-kmp-trace, cluster-network-kmp-xen, ext4dev-kmp-default, ext4dev-kmp-pae, ext4dev-kmp-trace, ext4dev-kmp-xen, gfs2-kmp-default, gfs2-kmp-pae, gfs2-kmp-trace, gfs2-kmp-xen, hyper-v-kmp-default, hyper-v-kmp-pae, hyper-v-kmp-trace, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-desktop-devel, kernel-ec2, kernel-ec2-base, kernel-ec2-debuginfo, kernel-ec2-debugsource, kernel-ec2-devel, kernel-ec2-devel-debuginfo, kernel-ec2-extra, kernel-pae, kernel-pae-base, kernel-pae-debuginfo, kernel-pae-debugsource, kernel-pae-devel, kernel-pae-devel-debuginfo, kernel-pae-extra, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-xen, kernel-xen-base, kernel-xen-debuginfo, kernel-xen-debugsource, kernel-xen-devel, kernel-xen-devel-debuginfo, kernel-xen-extra, ocfs2-kmp-default, ocfs2-kmp-pae, ocfs2-kmp-trace, ocfs2-kmp-xen
Products:
SLE-DEBUGINFO 11-SP1 (i386)
SLE-SERVER 11-SP1-LTSS (i386)

Comment 42 Swamp Workflow Management 2014-02-24 08:57:18 UTC

Update released for: btrfs-kmp-default, btrfs-kmp-trace, cluster-network-kmp-default, cluster-network-kmp-trace, ext4dev-kmp-default, ext4dev-kmp-trace, gfs2-kmp-default, gfs2-kmp-trace, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-default-man, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-trace-man, ocfs2-kmp-default, ocfs2-kmp-trace
Products:
SLE-DEBUGINFO 11-SP1 (s390x)
SLE-SERVER 11-SP1-LTSS (s390x)

Comment 43 Swamp Workflow Management 2014-02-24 09:52:28 UTC

Update released for: btrfs-kmp-default, btrfs-kmp-trace, btrfs-kmp-xen, cluster-network-kmp-default, cluster-network-kmp-trace, cluster-network-kmp-xen, ext4dev-kmp-default, ext4dev-kmp-trace, ext4dev-kmp-xen, gfs2-kmp-default, gfs2-kmp-trace, gfs2-kmp-xen, hyper-v-kmp-default, hyper-v-kmp-trace, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-desktop-devel, kernel-ec2, kernel-ec2-base, kernel-ec2-debuginfo, kernel-ec2-debugsource, kernel-ec2-devel, kernel-ec2-devel-debuginfo, kernel-ec2-extra, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-xen, kernel-xen-base, kernel-xen-debuginfo, kernel-xen-debugsource, kernel-xen-devel, kernel-xen-devel-debuginfo, kernel-xen-extra, ocfs2-kmp-default, ocfs2-kmp-trace, ocfs2-kmp-xen
Products:
SLE-DEBUGINFO 11-SP1 (x86_64)
SLE-SERVER 11-SP1-LTSS (x86_64)

Comment 44 Swamp Workflow Management 2014-02-24 14:15:21 UTC

SUSE-SU-2014:0287-1: An update that solves 84 vulnerabilities and has 41 fixes is now available.

Category: security (moderate)
Bug References: 714906,715250,735347,744955,745640,748896,752544,754898,760596,761774,762099,762366,763463,763654,767610,767612,768668,769644,769896,770695,771706,771992,772849,773320,773383,773577,773640,773831,774523,775182,776024,776144,776885,777473,780004,780008,780572,782178,785016,786013,787573,787576,789648,789831,795354,797175,798050,800280,801178,802642,803320,804154,804653,805226,805227,805945,806138,806976,806977,806980,807320,808358,808827,809889,809891,809892,809893,809894,809898,809899,809900,809901,809902,809903,810045,810473,811354,812364,813276,813735,814363,814716,815352,815745,816668,817377,818337,818371,820338,822575,822579,823260,823267,823618,824159,824295,825227,826707,827416,827749,827750,828012,828119,833820,835094,835481,835839,840226,840858,845028,847652,847672,848321,849021,851095,851103,852558,852559,853050,853051,853052,856917,858869,858870,858872
CVE References: CVE-2011-1083,CVE-2011-3593,CVE-2012-1601,CVE-2012-2137,CVE-2012-2372,CVE-2012-2745,CVE-2012-3375,CVE-2012-3412,CVE-2012-3430,CVE-2012-3511,CVE-2012-4444,CVE-2012-4530,CVE-2012-4565,CVE-2012-6537,CVE-2012-6538,CVE-2012-6539,CVE-2012-6540,CVE-2012-6541,CVE-2012-6542,CVE-2012-6544,CVE-2012-6545,CVE-2012-6546,CVE-2012-6547,CVE-2012-6548,CVE-2012-6549,CVE-2013-0160,CVE-2013-0216,CVE-2013-0231,CVE-2013-0268,CVE-2013-0310,CVE-2013-0343,CVE-2013-0349,CVE-2013-0871,CVE-2013-0914,CVE-2013-1767,CVE-2013-1773,CVE-2013-1774,CVE-2013-1792,CVE-2013-1796,CVE-2013-1797,CVE-2013-1798,CVE-2013-1827,CVE-2013-1928,CVE-2013-1943,CVE-2013-2015,CVE-2013-2141,CVE-2013-2147,CVE-2013-2164,CVE-2013-2232,CVE-2013-2234,CVE-2013-2237,CVE-2013-2634,CVE-2013-2851,CVE-2013-2852,CVE-2013-2888,CVE-2013-2889,CVE-2013-2892,CVE-2013-2893,CVE-2013-2897,CVE-2013-2929,CVE-2013-3222,CVE-2013-3223,CVE-2013-3224,CVE-2013-3225,CVE-2013-3228,CVE-2013-3229,CVE-2013-3231,CVE-2013-3232,CVE-2013-3234,CVE-2013-3235,CVE-2013-4345,CVE-2013-4470,CVE-2013-4483,CVE-2013-4511,CVE-2013-4587,CVE-2013-4588,CVE-2013-4591,CVE-2013-6367,CVE-2013-6368,CVE-2013-6378,CVE-2013-6383,CVE-2014-1444,CVE-2014-1445,CVE-2014-1446
Sources used:
SUSE Linux Enterprise Server 11 SP1 LTSS (src):    btrfs-0-0.3.151, ext4dev-0-7.9.118, hyper-v-0-0.18.37, kernel-default-2.6.32.59-0.9.1, kernel-ec2-2.6.32.59-0.9.1, kernel-pae-2.6.32.59-0.9.1, kernel-source-2.6.32.59-0.9.1, kernel-syms-2.6.32.59-0.9.1, kernel-trace-2.6.32.59-0.9.1, kernel-xen-2.6.32.59-0.9.1
SLE 11 SERVER Unsupported Extras (src):    kernel-default-2.6.32.59-0.9.1, kernel-pae-2.6.32.59-0.9.1, kernel-xen-2.6.32.59-0.9.1

Comment 45 Swamp Workflow Management 2014-02-24 14:38:08 UTC

Update released for: kernel-default-extra, kernel-xen-extra
Products:
SLE-SERVER 11-EXTRA (x86_64)

Comment 46 Swamp Workflow Management 2014-02-24 15:09:32 UTC

Update released for: kernel-default-extra, kernel-pae-extra, kernel-xen-extra
Products:
SLE-SERVER 11-EXTRA (i386)

Comment 47 Swamp Workflow Management 2014-02-24 16:09:48 UTC

Update released for: kernel-default-extra
Products:
SLE-SERVER 11-EXTRA (s390x)